Friday, June 16, 2017

A comparison with the UK

Following on from the other day, I did a quick sweep of the UK to renew my 10,000ft understanding of the state of things in the UK, for comparison with what I know (and have previously talked about) in Canada.

By and large, I think things are still done better in the UK than in Canada.  If you look at most Android apps, they usually have proper obfuscation, which usually Canada doesn't.  They usually use the JNI for sensitive code where Canada usually doesn't.  They also often run 24 hour social media teams, which Canada doesn't. 

The other thing that sticks out, and I hate to keep beating a dead horse over this one, but attitude makes a massive difference.  As anyone reading this blog or following me on Twitter knows from yesterday, I ran into a snag with Barclays Bank.  

To paraphrase events, it went like this...

Me: You got a problem.
Barclays:  Tell us more.
Me: Explains problem.
Barclays:  Thanks, we're fixing this as a matter of priority.
*several hours later*
Me: You got another security issue. We need to take this offline.
Barclays:  You got it.
Me: Gets into deeper discussion. Swaps issue, solution, etc.
Barclays: And if we need you again?
Me: Here's my info.

Now, contrast that attitude to, say, Scotiabank.

Me:  You got a phishing problem.
Scotiabank:  *crickets*

Me:  You're leaking server source code.
Scotiabank:  *crickets*

Me:  You're pushing out sweary apps.
Scotiabank:  *crickets*

Me:  You got a problem.
Scotiabank:  *crickets*

There's a clear difference in the attitude which improves the way things are handled.  In every way I can think of, my experience with Barclays yesterday was on par with dealing with an American Financial Institution; It was quick, with clear communication so you knew what they were doing about it. 

When it's done like this, two things happen:

1) A bank gets secured more quickly, and that's good for the customers.
2) You don't waste precious time and energy fighting against a bank that is in denial that there's even a problem.

As I said, I don't want to beat a dead horse here, as I've mentioned this many times, but I thought I'd throw out this as an up-to-date, real-life comparison from the UK.